gravitational · mmcallister · Jun 22, 2024 · Jun 6, 2024 · Jun 7, 2024 · Jun 7, 2024
diff --git a/docs/cspell.json b/docs/cspell.json
@@ -514,6 +514,8 @@
     "ioreg",
     "isnt",
     "isrgrootx",
+    "jamfapiendpoint",
+    "jamfclientid",
     "javapipeline",
     "jetbrains",
     "jiraapitoken",

diff --git a/docs/pages/access-controls/access-graph.mdx b/docs/pages/access-controls/access-graph.mdx
@@ -12,14 +12,61 @@ users, roles, and resources in your organization. It can help you answer questio
 - What users can access a specific resource?
 - What are the relationships between users, roles, and resources?
 
+## Getting started with Teleport Policy
+
 Access Graph is a feature of the [Teleport Policy](https://goteleport.com/platform/policy/) product that is only 
 available to Teleport Enterprise customers.
 
 After logging into the Teleport UI, go to the Management tab. If enabled, Access Graph options can be found
 under the Permission Management section.
 
+<Admonition type="note">
+Note: For managed Teleport Enterprise customers, Access Graph is enabled by default.
+If you are a self-hosted Teleport customer, you will need to set up [Access Graph](./access-graph/self-hosted.mdx). 
+</Admonition>
+
 ![Teleport Access Graph](../../img/access-graph/main-view.png)
 
+## How to use it
+
+Teleport Access Graph can help you to answer questions like:
+
+- Who can access a specific resource?
+
+Determine who has access to resources and understand the pathways that grant access:
+
+![Show Access Path Resource](../../img/access-graph/show-access-path-resource.gif)
+
+- What resources can a specific user access?
+
+At a glance, you can view all the resources a user can access:
+
+![Show Access Path](../../img/access-graph/show-access-path.gif)
+
+## Navigation
+
+![Navigation](../../img/access-graph/sidebar.png)
+
+The left hand side menu contains the main navigation options:
+
+- Graph view
+- Search
+- SQL editor
+- Integrations
+
+## Graph View
+
+Graph view is the main view that shows the connections between identities and resources.
+By default, an aggregated view of access paths grouped by identity is showed.
+
+## Search
+
+To search for a graph node, use the search bar at the top of the page or the search icon on the right hand side:
+
+![Search](../../img/access-graph/search.png)
+
+You can then search through all node types and all imported entities.
+
 ## Graph nodes
 
 Teleport Access Graph divides your infrastructure into six main components:
@@ -72,6 +119,8 @@ The number on the right hand side shows the number of resources that a resource
 Resources are the things that users can or cannot access. They can be
 servers, databases, or Kubernetes clusters.
 
+## Connecting to resources
+
 ## Graph paths
 
 Teleport Access Graph shows the relationships between users, roles, and
@@ -101,42 +150,6 @@ Deny paths connect identities to resources. They show what an identity cannot ac
 and what actions they cannot perform. Deny paths take precedence over allow
 paths.
 
-## How to use it
-
-Teleport Access Graph can help you to answer questions like:
-
-- Who can access a specific resource?
-
-![Show Access Path Resource](../../img/access-graph/show-access-path-resource.gif)
-
-- What resources can a specific user access?
-
-![Show Access Path](../../img/access-graph/show-access-path.gif)
-
-## Navigation
-
-![Navigation](../../img/access-graph/sidebar.png)
-
-The left hand side menu contains the main navigation options:
-
-- Graph view
-- Search
-- SQL editor
-- Integrations
-
-## Graph View
-
-Graph view is the main view that shows the connections between identities and resources.
-By default, an aggregated view of access paths grouped by identity is showed.
-
-## Search
-
-To search for a graph node use the search bar at the top of the page or the search icon on the right hand side.
-
-![Search](../../img/access-graph/search.png)
-
-You can then search through all node types and all imported entities.
-
 ## SQL Editor
 
 Access Graph allows creating SQL like queries to explore the graph.
@@ -177,8 +190,8 @@ More actionable examples is available under ? icon.
 Integrations page shows integrations that can be enabled or are already enabled in Access Graph.
 
 <Admonition title="Note" type="tip">
-  Resources imported into Teleport through Teleport enabled integrations are automatically imported into
-  Access graph without any additional configuration.
+Resources imported into Teleport through Teleport enabled integrations are automatically imported into
+Access graph without any additional configuration.
 </Admonition>
 
 ## How resources and identities are represented
@@ -228,3 +241,4 @@ Resource Groups are created from Teleport roles.
 
 Resources are created from Teleport resources like nodes, databases, and
 Kubernetes clusters.
+